US11693715B2ActiveUtilityA1

Method and apparatus for real-time dynamic application programming interface (API) traffic shaping and infrastructure resource protection in a multiclient network environment

40
Assignee: PITNEY BOWES INCPriority: Aug 11, 2021Filed: Aug 11, 2021Granted: Jul 4, 2023
Est. expiryAug 11, 2041(~15.1 yrs left)· nominal 20-yr term from priority
G06Q 10/083G06F 16/245G06F 9/541H04L 67/60H04L 47/6295H04L 67/61H04L 41/5003H04L 41/5009H04L 41/5022H04L 47/22H04L 47/125
40
PatentIndex Score
0
Cited by
6
References
14
Claims

Abstract

A real-time dynamic API traffic shaping and infrastructure resource protection in a multiclient network environment is provided. A traffic rules engine (TRE) applies traffic shaping only to customers that are utilizing “more than their fair share” of the currently available bandwidth without allowing them to negatively impact the user experience of other users. The present invention takes current API traffic into consideration, allowing one or a few high volume users to utilize most of all available bandwidth as long as other users do not need that bandwidth. This includes dynamically measuring and adjusting which users had traffic shaping applied to them based on the overall traffic during any given second. The solution of the present invention avoids any slowdown of customer API requests unless the maximum allowable TPS limit is near to being reached.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method for processing an API request for an API operation made by a customer using a remote device comprising:
 receiving at a processing module the API request via a network from the remote device; 
 determining, by the processing module, if a threshold number of transactions per second for the API operation has been exceeded; 
 if the threshold number of transactions per second has not been exceeded for the API operation, sending by the processing module the API request to the API operation via a first processing path that does not have a limit for a number of transactions per second that will be sent to the API operation; 
 if the threshold number of transactions per second has been exceeded for the API operation, determining, by the processing module, if the customer has a customer limit value for a number of API requests per second; 
 if the customer does have the customer limit value for the number of API requests per second, determining, by the processing module, if the customer limit value for the customer has been exceeded; 
 if the customer limit value for the number of API requests per second for the customer has not been exceeded, sending by the processing module the API request to the API operation via the first processing path; 
 if the customer limit value for the customer for the number of API requests per second has been exceeded, sending by the processing module the API request to the API operation via a second processing path that is different than the first processing path, the second processing path having a predefined limit for the number of transactions per second that will be sent to the API operation; 
 if the customer does not have the customer limit value for the number of API requests per second, determining, by the processing module, if a standard limit value for the number of API requests per second has been exceeded; 
 if the standard limit value for the number of API requests per second has not been exceeded, sending by the processing module the API request to the API operation via the first processing path; and 
 if the standard limit value for the number of API requests per second has been exceeded, sending by the processing module the API request to the API operation via the second processing path. 
 
     
     
       2. The method of  claim 1 , wherein the threshold number of transactions per second is based on an operation limit of transactions per second for the API operation. 
     
     
       3. The method of  claim 2 , wherein the threshold number of transactions per second is 50-75% of the operational limit. 
     
     
       4. The method of  claim 1 , wherein the customer limit value is higher than the standard limit value. 
     
     
       5. The method of  claim 1 , wherein the customer limit value is lower than the standard limit value. 
     
     
       6. The method of  claim 1 , wherein the second processing path includes a memory queue, and the API request is released from the memory queue at a predetermined rate. 
     
     
       7. The method of  claim 1 , further comprising:
 determining, by the processing module, if a spacing rule applies for the API operation for the API request; 
 if the spacing rule does apply, applying a spacing value to the API request; and sending the API request to the API operation with the applied spacing value. 
 
     
     
       8. An API request processing system for processing an API request for an API operation made by a customer using a remote device, the system comprising:
 a database associated with a request processing system, the database storing limit values corresponding to operation of the request processing system; and a processing module comprising processing circuitry configured to: 
 determine if a threshold number of transactions per second for the API operation, stored in the database, has been exceeded; 
 if the threshold number of transactions per second has not been exceeded for the API operation, send the API request to the API operation via a first processing path that does not have a limit for a number of transactions per second that will be sent to the API operation; 
 if the threshold number of transactions per second has been exceeded for the API operation, determine if the customer has a customer limit value, stored in the database, for a number of API requests per second; 
 if the customer does have the customer limit value for the number of API requests per second, determine if the customer limit value for the customer has been exceeded; 
 if the customer limit value for the number of API requests per second for the customer has not been exceeded, send the API request to the API operation via the first processing path; 
 if the customer limit value for the customer for the number of API requests per second has been exceeded, send the API request to the API operation via a second processing path that is different than the first processing path, the second processing path having a predefined limit for the number of transactions per second that will be sent to the API operation; 
 if the customer does not have the customer limit value for the number of API requests per second, determine if a standard limit value, stored in the database, for the number of API requests per second has been exceeded; 
 if the standard limit value for the number of API requests per second has not been exceeded, send the API request to the API operation via the first processing path; and 
 if the standard limit value for h number of API requests per second has been exceeded, send the API request to the API operation via the second processing path. 
 
     
     
       9. The system of  claim 8 , wherein the threshold number of transactions per second is based on an operation limit of transactions per second for the API operation. 
     
     
       10. The system of  claim 9 , wherein the threshold number of transactions per second is 50-75% of the operational limit. 
     
     
       11. The system of  claim 8 , wherein the customer limit value is higher than the standard limit value. 
     
     
       12. The system of  claim 8 , wherein the customer limit value is lower than the standard limit value. 
     
     
       13. The system of  claim 8 , wherein the processing circuitry if further configured to:
 determine if a spacing rule applies for the API operation for the API request; 
 if the spacing rule does apply, apply a spacing value to the API request; and send the API request to the API operation with the applied spacing value. 
 
     
     
       14. The system of  claim 8 , wherein the second processing path includes a memory queue, and the API request is released from the memory queue at a predetermined rate.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.